The Federal Deposit Insurance Corp. is a member of the council, and said it isn’t aware of anyone using the Heartbleed flaw to attack, but banks should pretty much know they’re big targets for a breach. You know, what with all that financial information and money they deal with.

Some banks have responded to the Heartbleed brouhaha, saying they’re checking their systems and haven’t found any breaches.

“Bank of America has experienced no issues as a result of the Heartbleed Bug, and has determined our sites are not vulnerable,” a spokesman told the WSJ.

Citigroup says the bank’s “initial assessment indicates it has not impacted our retail banking or credit card websites, and we are taking appropriate steps to safeguard all of our websites.”

A Wells Fargo spokeswoman said the “vulnerabilities associated with Heartbleed have had no impact on the safety of banking online with Wells Fargo.”

The alert focused more on the internal passwords and systems used by bank employees, rather than warning bank customers that their accounts could’ve been compromised.

Again, if you haven’t changed your passwords yet (check this handy list from Mashable of which ones you definitely need to change) you should. And don’t use the same password across numerous sites, if you can avoid it.